Ensure that detailed CloudWatch metrics are enabled for all your Amazon API Gateway APIs in order to monitor API stage caching and latency, detect errors at a granular level, and set appropriate CloudWatch alarms.
This rule can help you with the following compliance standards:
- MAS
- NIST4
For further details on compliance standards supported by Conformity, see here.
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
excellence
efficiency
The main benefit of enabling detailed CloudWatch metrics for Amazon API Gateway APIs is getting more granular metric data which can help you to act fast and take immediate actions based on information delivered by these metrics through CloudWatch alarms. For example, if you developed a critical API and you need to be notified when there is a sudden spike in 4xx or 5xx errors, you can set up CloudWatch alarms that can monitor on a per minute basis (instead of 5-minute period), using the data gathered by the detailed metrics.
Audit
To determine if detailed CloudWatch metrics are enabled for Amazon API Gateway APIs, perform the following actions:
Remediation / Resolution
To enable detailed CloudWatch metrics for your Amazon API Gateway APIs, perform the following operations:
References
- AWS Documentation
- Amazon API Gateway FAQs
- Monitoring REST API execution with Amazon CloudWatch metrics
- Setting up CloudWatch logging for a REST API in API Gateway
- Logging and monitoring in Amazon API Gateway
- AWS Command Line Interface (CLI) Documentation
- apigateway
- get-rest-apis
- get-stages
- update-stage
- CloudFormation Documentation
- Amazon API Gateway resource type reference
- Terraform Documentation
- AWS Provider